SIEM Administrator (Information Systems Analyst II Option C)

State of Illinois
Springfield, IL
$8,060 - $11,851
Onsite

About The Position

This position serves as a SIEM Administrator for the Department of Innovation & Technology (DoIT) performing complex professional and advisory functions in Client Services, including collaborating with the security team to enhance visibility, detection, and monitoring across the enterprise environment. In this role, you will implement, configure, and troubleshoot the State’s Security Information and Event Management (SIEM) platform, verifying reliable operation, optimal performance, and alignment with enterprise security requirements. Additionally, you will develop, implement, and refine event correlation rules in coordination with agency partners, including supporting ingestion and normalization of appropriate log sources for improved detection and visibility.

Requirements

  • Four (4) years of college with coursework in computer science or directly related fields.
  • Three (3) years of professional experience in Client Services or a related Information Technology field.
  • Three (3) years of professional experience administering and maintaining a Security Information and Event Management (SIEM) platform in a public or private organization, including implementing, configuring, troubleshooting, and optimizing the system for reliable and secure operation.
  • Three (3) years of professional experience performing log onboarding and data ingestion activities, including configuring new data inputs, validating log quality, and normalizing event data to support broad integration of log sources.
  • Three (3) years of professional experience developing SIEM dashboards, reports, alerts, and correlation rules, including creating actionable visualizations and automated notifications to support monitoring and incident response.
  • Three (3) years of professional experience performing system administration tasks within an SIEM environment, including managing indexes, applications, knowledge objects, data flows, and monitoring system performance.

Nice To Haves

  • Three (3) years of professional experience administering and maintaining a Security Information and Event Management (SIEM) platform in a public or private organization, including implementing, configuring, troubleshooting, and optimizing the system for reliable and secure operation.
  • Three (3) years of professional experience performing log onboarding and data ingestion activities, including configuring new data inputs, validating log quality, and normalizing event data to support broad integration of log sources.
  • Three (3) years of professional experience developing SIEM dashboards, reports, alerts, and correlation rules, including creating actionable visualizations and automated notifications to support monitoring and incident response.
  • Three (3) years of professional experience performing system administration tasks within an SIEM environment, including managing indexes, applications, knowledge objects, data flows, and monitoring system performance.
  • Three (3) years of professional experience with IT Service Management (ITSM) processes, including managing service requests, coordinating changes, and verifying compliance with established procedures.
  • Three (3) years of professional experience using scripting or automation tools to streamline system administration tasks, reduce manual workload, and improve operational efficiency.
  • Ability to analyze data logically and exercise sound judgement in defining and evaluating problems of an operational or procedural nature.
  • Ability to gain and maintain effective working relationships with associates, vendors, clients, and others, fostering collaboration in resolving technical issues and supporting team members or management staff.
  • Developed verbal and written communication skills to present technical information clearly and precisely to a diverse audience, including business users, development teams, agency executives, and others.
  • Certification(s) in one or more of the following: Certification(s) in CrowdStrike [e.g., Certified Falcon Administrator (CCFA), Certified Falcon Responder (CCFR), Certified Falcon Hunter (CCFH), or LogScale Analyst], certification(s) specific to SIEM, XDR, and Log Analytics [e.g., CompTIA Cybersecurity Analyst (CySA+), GIAC Security Essentials Certification (GSEC), GIAC Certified Detection Analyst (GCDA)] or other similarly related Security or IT foundational certification(s).

Responsibilities

  • Serves as a Security Information and Event Management (SIEM) Administrator for the Department of Innovation & Technology (DoIT) performing complex professional and advisory functions in Client Services, including collaborating with the security team to enhance visibility, detection, and monitoring across the enterprise environment.
  • Develops, implements, and refines event correlation rules in coordination with agency partners, including supporting ingestion and normalization of appropriate log sources for improved detection and visibility.
  • Administers and maintains the SIEM platform in partnership with vendors, including applying updates, coordinating patch cycles, and proactively monitoring system performance and health.
  • Keeps abreast of new developments in the information technology field by continuing education through online training platforms, meetings, training sessions, seminars, and conferences to increase familiarity with and remain current on products, vendors, techniques, and procedures.
  • Performs other duties as required or assigned which are reasonably within the scope of the duties enumerated above.

Benefits

  • Competitive Group Insurance benefits including health, life, dental and vision plans.
  • Flexible work schedules (when available and dependent upon position).
  • 10-25 days of paid vacation time annually (10 days for first year of state employment).
  • 12 days of paid sick time annually, which carry over year to year.
  • 3 paid personal business days per year.
  • 13-14 paid holidays per year dependent on election years.
  • 12 weeks of paid parental leave.
  • Pension plan through the State Employees Retirement System.
  • Deferred Compensation Program – voluntary supplemental retirement plan.
  • Optional pre-tax programs - Medical Care Assistance Plan (MCAP) & Dependent Care Assistance Plan (DCAP).
  • Tuition Reimbursement Program and Federal Public Service Loan Forgiveness Program eligibility.